On July 18th newsrooms were buzzing about the Crowdstrike outage that was wiping out flights, medical procedures, and grocery store systems. Was it caused by a major cyber security breach? How long will the outage last? Media outlets scrambled to find the answers for communities affected by these outages.
Meanwhile, cyber scammers were getting to work, preparing their attacks while businesses and individuals were at their most vulnerable. In today’s blog, we will review the Crowdstrike outage, what caused it, and the scams that came with the aftermath. Let’s get into it.
What happened
Crowdstrike is a major cyber security firm that specializes in a cloud-based security platform. One of their most significant clients is technology giant, Microsoft, which provides software to other giant corporations around North America including travel, medical, and government organizations.
Trouble began when Crowdstrike released an update to their Falcon sensor, which resulted in a logic error causing massive disruptions to the Microsoft platform. These issues then trickled down to Microsoft customers including major airlines, Delta, and healthcare giant, Pfizer.
Take proactive steps to invest in your business’s cyber resilience now to protect your organization from costly data breaches and disruptions. Start easily with our Quickstart Training Bundles. To learn more CLICK HERE.
It is reported that 175 Fortune 500 companies were impacted by this outage, losing $44 million each. However, the impact went beyond these giant companies, as urgent surgeries and flights home for major events were cancelled, impacting families across North America.
Was the Crowdstrike outage caused by a cyber security incident?
Despite the widespread speculation, the CrowdStrike outage was not caused by a cyber attack. It was an internal error due to a faulty update. However, the chaos it caused created an opportunity for cyber criminals to launch their own attacks, leveraging the confusion to trick unsuspecting victims.
Crowdstrike scams
In the aftermath of the outage, cyber criminals pounced on the opportunity to take advantage of customers while they were distraught and customer service abilities were limited. The following scams emerged in the days and weeks after:
- Phishing Attacks: Cyber criminals sent emails posing as CrowdStrike or other IT support services, offering fixes or updates to individuals and employees impacted by the outages. Cyber criminals would often lure individuals to click on malicious links or open attachments for “help” with the outage, but then steal credentials or deploy malware.
- Fake Websites: Scammers created clone websites mimicking Crowdstrike’s official site, offering fraudulent solutions or updates to fix the outage. These sites often collected sensitive information or distributed malware.
- Social Media Scams: On platforms like Twitter and LinkedIn, fake accounts claiming to be Crowdstrike representatives offered assistance, directing users to malicious sites or requesting personal or financial information from individuals.
How to stay vigilant
In light of such incidents, it’s crucial to adopt a vigilant approach and remind your employees to have a vigilant approach to cyber security. Make sure you are taking these precautions during outages or any scenario where tensions are high:
- Verify Sources: Always verify the sender’s email address and website URL before clicking on any links or providing any information. Take a look at Crowdstrike’s official website and note down their official domain. Official communications from Crowdstrike or any other company will come from the same domain.
- Be Skeptical of Unsolicited Offers: If you receive unexpected offers of help or solutions, especially those that ask for sensitive information or immediate action, be skeptical and cross-check with official sources.
- Be Calm: Although situations like these cause panic, try your best to stay calm and not take drastic actions. Remember to breathe, move slowly, think twice, or even count to five before taking an action. Reminding your employees to slow down, can also help them stay calm during the chaos and make better security decisions.
- Host an Emergency Meeting: If you are a security manager, now would be the time to call an emergency meeting, or take up 5 minutes of a meeting already scheduled to address the Crowdstrike outage. Remind all employees that guards need to be up, as scammers are on the move during these stressful times. Offer your guidance and have open office hours for individuals to come to you for help.
- Stay Updated: Follow official updates from Crowdstrike and other trusted cyber security sources to stay informed about the latest developments and recommended actions. Consider sending all updates in your organization’s #security channel or other communication channel to keep all employees informed.
The CrowdStrike outage of 2024 highlighted the vulnerabilities that can arise from even well-established cyber security firms. While the outage was not a result of a direct cyber attack, the following scams demonstrated the opportunistic nature of cyber criminals. By staying vigilant, verifying sources, and educating yourself and your employees, you can better protect against such threats in the future. Stay informed and always approach unsolicited communications with caution to safeguard your digital assets.
The post Crowdstrike outage: Growing scams amid global outage appeared first on Click Armor.
*** This is a Security Bloggers Network syndicated blog from Click Armor authored by Ryan H.. Read the original post at: https://clickarmor.ca/2024/07/crowdstrike-outage-growing-scams-amid-global-outage/